BLS verification (#460)

Cargo.toml

@@ -77,6 +77,8 @@ hex = { version = "0.4.3", default-features = false }
 paste = "1.0.6"
 slices = "0.2.0"
 schnorrkel = { version = "0.9.1", default-features = false }
+blst = "0.3.11"
+
 
 tangle-testnet-runtime = { package = "tangle-testnet-runtime", path = "runtime/testnet" }
 tangle-runtime = { package = "tangle-runtime", path = "runtime/mainnet" }

pallets/dkg/Cargo.toml

@@ -30,6 +30,7 @@ frost-ristretto255 = { package = "frost-ristretto255", workspace = true, default
 frost-secp256k1 = { package = "frost-secp256k1", workspace = true, default-features = false }
 frost-p256 = { package = "frost-p256", workspace = true, default-features = false }
 frost-p384 = { package = "frost-p384", workspace = true, default-features = false }
+blst = { workspace = true, default-features = false, features = ["portable", "no-threads"] }
 
 # FROST RedJubjub is not yet no_std compatible
 # TODO: Update this once it is.

pallets/dkg/frost/frost-ed25519/Cargo.toml

@@ -22,7 +22,7 @@ description = "A Schnorr signature scheme over Ed25519 that supports FROST."
 parity-scale-codec = { workspace = true }
 curve25519-dalek = { version = "=4.1.1", default-features = false }
 frost-core = { workspace = true }
-rand_core = { version = "0.6", default-features = false, optional = true }
+rand_core = { version = "0.6", optional = true }
 sha2 = { version = "0.10.2", default-features = false }
 subtle = { workspace = true }
 

pallets/dkg/frost/frost-ed448/Cargo.toml

@@ -26,7 +26,7 @@ rustdoc-args = ["--cfg", "docsrs"]
 parity-scale-codec = { workspace = true }
 ed448-goldilocks = { git = "https://github.com/drewstone/Ed448-Goldilocks.git", branch = "drew/zeroize", package = "ed448-goldilocks-plus", default-features = false }
 frost-core = { workspace = true }
-rand_core = { version = "0.6", default-features = false, optional = true }
+rand_core = { version = "0.6", optional = true }
 sha3 = { version = "0.10", default-features = false }
 subtle = { workspace = true }
 

pallets/dkg/frost/frost-p256/Cargo.toml

@@ -22,7 +22,7 @@ description = "A Schnorr signature scheme over Ed25519 that supports FROST."
 parity-scale-codec = { workspace = true }
 p256 = { version = "0.13.0", features = ["hash2curve", "alloc"], default-features = false }
 frost-core = { workspace = true }
-rand_core = { version = "0.6", default-features = false, optional = true }
+rand_core = { version = "0.6", optional = true }
 sha2 = { version = "0.10.2", default-features = false }
 subtle = { workspace = true }
 

pallets/dkg/frost/frost-p384/Cargo.toml

@@ -26,7 +26,7 @@ rustdoc-args = ["--cfg", "docsrs"]
 parity-scale-codec = { workspace = true }
 p384 = { version = "0.13.0", features = ["hash2curve", "alloc"], git = "https://github.com/LIT-Protocol/elliptic-curves.git", default-features = false }
 frost-core = { workspace = true }
-rand_core = { version = "0.6", default-features = false, optional = true }
+rand_core = { version = "0.6", optional = true }
 sha2 = { version = "0.10.2", default-features = false }
 subtle = { workspace = true }
 

pallets/dkg/frost/frost-redjubjub/Cargo.toml

@@ -29,7 +29,7 @@ parity-scale-codec = { workspace = true }
 jubjub = { version = "0.10", git = "https://github.com/LIT-Protocol/jubjub.git", features = ["alloc"], default-features = false }
 group = { version = "0.13", features = ["alloc"], default-features = false }
 frost-core = { workspace = true }
-rand_core = { version = "0.6", default-features = false, optional = true }
+rand_core = { version = "0.6", optional = true }
 sha2 = { version = "0.10.2", default-features = false }
 subtle = { workspace = true }
 

pallets/dkg/frost/frost-ristretto255/Cargo.toml

@@ -22,7 +22,7 @@ description = "A Schnorr signature scheme over Ed25519 that supports FROST."
 parity-scale-codec = { workspace = true }
 curve25519-dalek = { version = "=4.1.1", default-features = false }
 frost-core = { workspace = true }
-rand_core = { version = "0.6", default-features = false, optional = true }
+rand_core = { version = "0.6", optional = true }
 sha2 = { version = "0.10.2", default-features = false }
 subtle = { workspace = true }
 

pallets/dkg/frost/frost-secp256k1/Cargo.toml

@@ -26,7 +26,7 @@ rustdoc-args = ["--cfg", "docsrs"]
 parity-scale-codec = { workspace = true }
 k256 = { version = "0.13.0", features = ["arithmetic", "expose-field", "hash2curve", "alloc"], default-features = false }
 frost-core = { workspace = true }
-rand_core = { version = "0.6", default-features = false, optional = true }
+rand_core = { version = "0.6", optional = true }
 sha2 = { version = "0.10.2", default-features = false }
 subtle = { workspace = true }
 

pallets/dkg/frost/src/lib.rs

@@ -35,6 +35,7 @@ pub mod verifying_key;
 
 #[cfg(feature = "std")]
 use rand_core::{CryptoRng, RngCore};
+#[cfg(feature = "std")]
 use traits::{Ciphersuite, Field, Group, Scalar};
 
 /// Generates a random nonzero scalar.

pallets/dkg/frost/src/signing_key.rs

@@ -1,14 +1,15 @@
 //! Schnorr signature signing keys
 
 use crate::{
-	challenge::challenge,
 	error::Error,
-	signature::Signature,
 	traits::{Ciphersuite, Field, Group, Scalar},
 	util::scalar_is_valid,
 	verifying_key::VerifyingKey,
 };
 
+#[cfg(feature = "std")]
+use crate::{challenge::challenge, signature::Signature};
+
 #[cfg(feature = "std")]
 use crate::random_nonzero;
 #[cfg(feature = "std")]

pallets/dkg/src/functions.rs

@@ -119,6 +119,7 @@ impl<T: Config> Pallet<T> {
 			DigitalSignatureScheme::Ecdsa => verify_generated_dkg_key_ecdsa::<T>(data),
 			DigitalSignatureScheme::SchnorrSr25519 =>
 				verify_generated_dkg_key_schnorr_sr25519::<T>(data),
+			DigitalSignatureScheme::Bls381 => verify_generated_dkg_key_ecdsa::<T>(data),
 			_ => Err(Error::<T>::InvalidSignature.into()),
 		}
 	}
@@ -145,6 +146,7 @@ impl<T: Config> Pallet<T> {
 				&data.signature,
 				&data.signing_key,
 			),
+			DigitalSignatureScheme::Bls381 => Self::verify_bls_signature(&data),
 			DigitalSignatureScheme::SchnorrEd25519 |
 			DigitalSignatureScheme::SchnorrEd448 |
 			DigitalSignatureScheme::SchnorrP256 |
@@ -197,4 +199,32 @@ impl<T: Config> Pallet<T> {
 			_ => Err(Error::<T>::InvalidSignature.into()), // unimplemented
 		}
 	}
+
+	/// Verifies the DKG signature result for BLS signatures.
+	///
+	/// This function uses the BLS signature algorithm to verify the provided signature
+	/// based on the message data, signature, and signing key in the DKG signature result.
+	///
+	/// # Arguments
+	///
+	/// * `data` - The DKG signature result containing the message data, BLS signature, and signing
+	///   key.
+	fn verify_bls_signature(
+		data: &DKGTSSSignatureResult<T::MaxDataLen, T::MaxKeyLen, T::MaxSignatureLen>,
+	) -> DispatchResult {
+		let public_key = blst::min_pk::PublicKey::deserialize(&data.signing_key)
+			.map_err(|_err| Error::<T>::InvalidBlsPublicKey)?;
+		let signature = blst::min_pk::Signature::deserialize(&data.signature)
+			.map_err(|_err| Error::<T>::InvalidSignatureData)?;
+		let dst = &mut [0u8; 48];
+		let signed_data = &data.data;
+
+		if signature.verify(true, signed_data, dst, &[], &public_key, true) !=
+			blst::BLST_ERROR::BLST_SUCCESS
+		{
+			return Err(Error::<T>::InvalidSignature.into())
+		}
+
+		Ok(())
+	}
 }

pallets/dkg/src/lib.rs

@@ -128,6 +128,8 @@ pub mod pallet {
 		SigningKeyMismatch,
 		/// Invalid participant public key
 		InvalidParticipantPublicKey,
+		/// Invalid BLS public key
+		InvalidBlsPublicKey,
 	}
 
 	#[pallet::call]